Regulatory Reality:

banking


April 18, 2011  6:22 PM

Epsilon: Why vendor management is critical.



Posted by: David Schneier
Audit, bank, banking, compliance, FDIC, FFIEC, GLBA, NCUA, regulatory, Regulatory Compliance, requirements, risk, SAS 70, vendor, Vendor Management

A few years back we hired a local painting contractor to do some work around my house.  Upon completing his sales spiel he announced that he often relies upon subcontractors for the less skilled work and wanted to be upfront about that before we entered into any sort of deal with him.  Anyone he...

March 15, 2011  9:58 PM

Is your examiner a friend or foe?



Posted by: David Schneier
Audit, bank, banking, compliance, credit union, CU, exam, examiner, FDIC, GLBA, NCUA, OCC, oversight, regulations, regulatory, Regulatory Compliance

I was catching up on my industry emails the other day and buried in my FDIC email folder was Financial Institution Letter FIL-13-2011, sent out on March 1st. Truthfully I usually pay close attention to their Friday afternoon blasts regarding bank closings and only skim the rest. But this one...


March 8, 2011  4:58 PM

Does GRC scale to size?



Posted by: David Schneier
assessment, Audit, bank, banking, compliance, credit union, CU, exam, examination, examiner, exams, governance, GRC, regulation, regulatory, Regulatory Compliance, risk, risk assessment

We were having an internal conversation this past week about governance, risk, and compliance (GRC) and I was asked about its role in the small and...

Bookmark and Share     0 Comments     RSS Feed     Email a friend


January 17, 2011  1:55 PM

Is the U.S. banking crisis over?



Posted by: David Schneier
bank closing, bank closings, banking, banking crisis, compliance, FDIC, FFIEC, foreclosure, GLBA, NCUA, regulatory, Regulatory Compliance

As my professional mind started winding down this evening in anticipation of the weekend, my thoughts started drifting towards yard work and time with the family. Then my Droid started chirping it's little sing-song of alerts as a round of emails hit my inbox and I was brought back to reality for a...


October 1, 2010  7:41 PM

Hidden information security threats are still threats



Posted by: David Schneier
Audit, bank, banking, compliance, credit union, CU, FDIC, FFIEC, financial, financial institutions, personally identifiable informaiton, regulations, regulatory, Regulatory Compliance, security PII

Growing up I was a huge fan of the sitcom "The Odd Couple."  Some of my favorite catch phrases have in some part been influenced by lines of dialogue that I memorized.  One in particular serves as the best pure definition for a phenomenon I encounter frequently enough in my audit/compliance...


August 16, 2010  2:43 PM

Data security risks in the new age of banking



Posted by: David Schneier
Audit, bank, banking, cloud, cloud computing, credit union, FDIC, GLBA, merger, NCUA, NPPI, PII, regulatory, Regulatory Compliance, risk, risk assessment

Earlier this month, I blogged about my concerns regarding a drop-off in information security oversight by banking regulators. In this age of safety and soundness first, everything else is second, if at all.  It's more than a week later and I'm not feeling any better about things; as a matter of...


August 2, 2010  9:29 PM

Where’s the information security oversight?



Posted by: David Schneier
Audit, bank, banking, bcp, CISO, compliance, compliance officer, FDIC, FIL, GLBA, information security, regulatory, Regulatory Compliance, Security, vulnerability test

We were watching a baseball game the other night when one of Microsoft's recent IE8 security commercials aired.  It's the one where a fictitious bank is set up and people off the street, deceived by its appearance, wind up turning over boat loads of personally identifiable information (PII)...


January 27, 2010  12:13 AM

Banking regulatory reform is a comin’



Posted by: David Schneier
bank, banking, Basel, FDIC, FFIEC, GLBA, NCUA, Regulatory Compliance

I was scanning through emails the other day and almost missed a good one. It was from the FDIC on Friday, January 22. As we’ve all come to know Friday is the FDIC’s equivalent of “bring out the dead day” when they almost always announce the...


December 1, 2009  1:49 AM

Bank Checks: the final frontier?



Posted by: David Schneier
bank, banking, checking account, credit card, FDIC, identify theft, online fraud, PCI, PII, Regulatory Compliance, routing number, social security numbers

I want to play a game with you, sort of like the compliance equivalent of the Rorschach inkblot test. I’m going to throw out a phrase and I want you to write down the first acronym that comes to mind.

Ready? Here we...


September 30, 2009  7:34 PM

Accountability key to banking recovery



Posted by: David Schneier
Audit, bank, banking, compliance, credit union, CU, DIF, FDIC, GLBA, NCUA, Regulatory Compliance

Every day, I receive a semi-deluge of industry related emails.  Between the various agencies, media sites, organizations and associations I tend to receive more communiqués than I know what to do with.  But I developed an interesting habit last year when the banking...


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: